You need to calm down. Every person I've met from GA Tech has a hair trigger attitude that rears up on the first sign of an idea they don't agree with.
You are no different. I'm sorry no one gave a crap about you at that worthless college. Engineering schools are supposed to nurture your ideas, not make you averse to exploring them.
My idea is not blind, nor is it pointless. Everyone else in this thread is thinking. "Stop all attachments!" is not even a quote from me.
You are a blockhead. An egotistical one at that. And moving away from attachments doesn't inhibit corporate users from doing anything. Corporations have internal networks with share drives.
"Just avoid anything that has more than 90% market share unless you have some real heavy duty security in place."
Change your tools every time one becomes popular? Nice.
Copying to a share is not more difficult or less usable than mailing as an attachment. Try it sometime. Most companies support both.
You're mixing up ideas. Sorry if I wasn't clear, but this is a broad list of all ideas on the Internet. The quote you have refers to people who cut and paste from AP or leave out real data from research. Nothing to do with email.
I disagree with your foolish use of what is otherwise an intelligent template for responding to system overhauls.
First, you need to look up vigilantism. Banning attachments is not actively attacking the perp'.
Second, reputable mailing lists don't send attachments. They are accompanied by a server containing the documents they wish to reference. Other email users can be allowed to pass documents on a server share.
This is not an attempt to stop spam.
Users of email won't lose anything, so there's nothing to "put up with". They would drag their doc to the share, not their email client.
This does not require immediate total cooperation by everyone at once. Teams can be migrated one at a time. More fud.
This won't cause people to lose business.
Your "fails to account for" section is total bunk. Politicians aren't involved, Outlook is irrelevant if attachments aren't allowed in the company.
The idea isn't feel good, and this method *is* used by companies already. Companies that don't have as much of a problem. The company I work for, for example, doesn't permit attachments. And it works.
And I am not stupid. I actually typed this up instead of being a wandering cut-and-paste-monkey who doesn't know how to use an anti-spam rebuttal form.
A great response!
You're correct about so many things. It certainly wouldn't be easy, since people buck against losing something they have already been given.
But a corporate share is seldom accessible by everyone in the company. And if you are inclined to do what I suggest and block attachments, a plan must accompany it, such as team specific share directories.
Inbound documents could be submitted to a binary web-interfaced equivalent of rafb.net/paste, or better yet, IPv6, where everyone has an IP address they can host their own share from and accompanying web based tools on the perimeter of the company allowing flow through on an individual basis.
"Email me your computer number, I'll send you a link to the document and give you access."
Regarding e-faxes and scan to email, there are send-to-share alternatives as well.
But to generalize, any exploitation which requires a server to be involved will be easier for a company to manage than a free floating entity wandering about their network with no roots.
All run webservers and have e-mail programs that know how to publish to them and all of the cool new security issues that'll bring with it.
IPv6. Why does the email client have to be involved? You drag a doc to the email client, not the other way around. Just drag it to your share, check the access with your browser and put that url in your email.
It doesn't take the recipient any more effort, but forces you to have the doc on a server that can be identified or blocked if need be.
What virus infected document? The one that couldn't be emailed to me?
You mean the one that has to be sitting on a server for me to get. That document was blocked a long time ago when someone else clicked on it and IT security stopped access to the IP at the firewall to prevent further spreading from the source.
And now, since I cannot email it to someone else, the virus has to share itself on my drive and spread that link around. Only it can't because the workstation doesn't allow shares. There is a corporate share I place docs on.
So now the virus has to find the corporate share, find a directory I have access to and embed itself there. Then email others in the company. Only most others in the company don't have access to the share I have access to. So most can't open the document.
Now you've slowed it down to only spreading to the team with rights to the share using a medium which can be managed - temporarily block the share - scan for the document and remove it - turn the share back on. Other team members risk sharing with the few people they interact with from other teams, but the virus has to find which people those are from the permissions on the share versus mailing list - a sparse matrix.
Fud. How is this different from now, where there is a hybrid of the two? I'm saying eliminate one. By doing so at least the perp has to host a server with the malicious doc on it, which consolidates the problem into the realm of phishing scams.
And once again, there are no more tasks. Copying a doc to a share is not more involved than copying to email. It even helps enforce security through permissions. Read only documents aren't subject to infection.
So to summarize "my method":
- permits a mail server admin to ban all attachments across the board without keeping people from sharing documents within the company.
- introduces a share server into the picture that can enforce security constraints.
- forces a virus perp to have to host a server to get in. Access to which can be blocked at the firewall to help stop an infection.
- Increases a document creator's ability to control dissemination of their work.
- Cuts down on duplicates stored on mail servers.
- Cuts processor time to encode/decode docs for transmission.
- others...
At least with phishers they have to burn an IP address of a node on their zombie cluster to present the mock web page.
We were adolescent back then. In the 90's, we tried to make everything accept everything, put anything anywhere, spread out and see what sticks.
We're smarter now and the security risks of the Internet today are far more prevalent than they were back then. There wasn't as much invested back then.
It's time to put the toys back in the garage, clean up your room and do things in an orderly fashion.
email text.
have voice conversations over VOIP.
leave voice messages and docs on servers.
give everyone their own ip address and make them responsible for what emanates from it.
link directly to sources instead of repeating the exact same story.
Yes, I am serious.
Your suggestion that an attachment represents "rich deliverable content" is laughable.
Yes, I am saying email should be text only. It is already, whether you acknowledge it or not. You see, your "attachment" was bit shifted into text characters so it could be packaged in an email without getting munged. SMTP was intended for text and truncates bits based on that assumption. It's a bastardized, encoded cyst. A real document has a lifespan, an author, a source, and various other metadata that are not inherent to email. Copy an attachment out and paste into another email - unless the doc embeds the source, it has now been re-sourced forever.
An email should point to the document, at its source, not contain the document. If the end user wants a copy they should make it from the single, established source.
There is no reduction in the richness of the end effect. Single-clicking a link to the document on the source server takes no more time and is no less rich than double-clicking the document object in Outlook.
You're trying to suggest that it's a step back. Losing your system to a virus is a step back. Trading an embedded doc for a url to the document is not.
Among other things, vulnerabilities are gauged by the number of days they have been out. 8-day, 7-day, etc. If an exploit ('sploit) has not been known before being used in the wild, it's referred to as a 0-day. That's Zero day, or "oh-day".
http://en.wikipedia.org/wiki/Zero_day
Forgot one thing. This is what we need IPv6 for. If everyone in the country had a distinct permanent IP for each machine, they could share their resume or other docs from their own machine, provide permission to a company to access it, then send an email with no attachment, just the url to their share.
Disable attachments. It was a dumb idea in the first place - it presents opportunities for malicious behavior, harbours company secret dissemination and promotes unnecessary clutter. Refer to a url pointing at a share within the company instead.
All internal corporate attachments should be banned. That's how you deal with it.
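The mail-side half of the proposal in these comments (attachments refused, documents referenced by a share URL instead) could be enforced with a check like the one below. This is an added example, not part of the original comments; the host `share.corp.example`, the sample messages and the function names are assumptions made for illustration.

```python
import re
from email import message_from_bytes, policy
from email.message import EmailMessage
from urllib.parse import urlsplit

# Assumption: hypothetical internal share host, not named in the comments.
ALLOWED_SHARE_HOSTS = {"share.corp.example"}
URL_RE = re.compile(r"https?://[^\s<>\"']+")


def build_sample(body, attachment=None):
    """Build a constructed test message; attachment is (filename, bytes)."""
    msg = EmailMessage()
    msg["From"] = "alice@corp.example"
    msg["To"] = "bob@corp.example"
    msg["Subject"] = "Q3 report"
    msg.set_content(body)
    if attachment:
        name, data = attachment
        msg.add_attachment(data, maintype="application",
                           subtype="octet-stream", filename=name)
    return msg.as_bytes()


def check_message(raw):
    """Apply a text-only policy: refuse any leaf MIME part that is not
    inline text/plain, and sort body links into share vs. external."""
    msg = message_from_bytes(raw, policy=policy.default)
    violations, share_links, external_links = [], [], []
    for part in msg.walk():
        if part.is_multipart():
            continue  # container; walk() visits its children separately
        ctype = part.get_content_type()
        is_attachment = (part.get_content_disposition() == "attachment"
                         or part.get_filename() is not None)
        # Strict choice for this example: only inline text/plain passes.
        if ctype != "text/plain" or is_attachment:
            violations.append({
                "filename": part.get_filename(),
                "type": ctype,
                # Binary parts travel re-encoded as text; this header
                # names the encoding that was used.
                "encoding": str(part.get("Content-Transfer-Encoding", "")),
            })
            continue
        for url in URL_RE.findall(part.get_content()):
            host = (urlsplit(url).hostname or "").lower()
            if host in ALLOWED_SHARE_HOSTS:
                share_links.append(url)
            else:
                external_links.append(url)  # candidate for firewall review
    return {"accept": not violations, "violations": violations,
            "share_links": share_links, "external_links": external_links}


if __name__ == "__main__":
    link_only = build_sample(
        "Report: https://share.corp.example/team-a/q3.pdf\n")
    attached = build_sample("Report attached.\n",
                            ("q3.pdf", b"%PDF-1.4 constructed\xff\x00"))
    for label, raw in (("link only", link_only), ("attached", attached)):
        print(label, check_message(raw))
```
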
Just a few questions.
First about "I tried to install CVS or subversion". So, which one was it?
Second, you seem to value speed on something you do once - installation and setup - over the steady-state use of the source control tool - keeping your data integrity intact.
For Subversion, the explorer client is TortoiseSVN.
I've used Source Safe, Clear Case, Starteam, CVS and Subversion, RCCS, and a few others I've forgotten. By far, Subversion has been the best. Starteam was close, but it required a Microsoft setup back when I used it.
I do not agree that Subversion is difficult to set up.
Bad analogy - this is equivalent to a bank having two doors - the main one and an unmarked door. If you come through the main one you pay normal fees, withdraw only what's in your account, are constrained by transactions. If you are inquisitive enough to go through the unmarked door, you can deposit $1 and get back $999 more when you withdraw. There's no guard at the unmarked door, and the tellers treat the transaction as legitimate and appropriate.
They shouldn't have kicked him out of the bank, they should just lock the unmarked door and reverse particular transactions.
I'm as old as I-can-be
and have to tell you my-story
a long and fruitful epogee
about my Chim-Pan-family
Chim-Pan A and Chim-Pan B
married underneath a tree
They had some girls who were care-free
And named them Chim-Pan C and E.
Then Chim-Pan F and Chim-Pan E
They had a boy named Chim-Pan D
He Ran off with Chim-Pan C
to raise their own big family.
Chim-Pan G through Chim-Pan P
The bunch, they were a sight to see
They'd run and eat and sleep and pee
The run-amock-kid-family
So every pod and every pea
was gobbled up by A through P
until there wasn't much to see
but tattered leaves and shrubbery.
The food was scarce and G through P
grew old and raised small families
And Chim-Pan Q through Chim-Pan V
spent most their time quite hung-ar-y
They left and found a forest tree
that turned out to be fruit-plenty
Time went by and Chim-Pan V
Gave birth to W through me.
Now you know the whole story
About my great big family
Tell all your friends you heard from me
Sincerely Yours, Chim-Pan-Z
Um, nope. The guy wasn't breeding with the horse, he was just getting it excited for nothing. Interbreeding requires two animals to be closely related (i.e., same species), so no chimp humans either.
nice try though, troll.
total bunk.
Read the Ninth Amendment:
http://en.wikipedia.org/wiki/Ninth_Amendment_to_the_United_States_Constitution
The founders recognized the danger that enumerating a few of the rights would cause some people, such as yourself, to assume that meant other rights were not actually protected. They are - the emphasis in the constitution is that the federal government plays a specific role and the states & individuals retained the majority of the power.
Although that's not how things have played out in the past 60 years, that is in fact how the constitution was originally written. The major disaster which caused most of the current problems was the instatement of an income tax by Lincoln during the civil war, followed by the massive power grabs steadily occurring since WWII.
it was just brushed under the carpet.
It's one of the big enchiladas in the Department of Defence infrastructure. Play devil's advocate for a second - would you release copious notes and information about the impact and how it damaged the building? The building being of course, one of your primary command and control facilities for the nation?
It's classified, and they do such things with a wide net. The fact is, the reconstruction of the aircraft was probably classified as well and those who worked on it were probably deputized/given clearances.
It was an attack on a military installation - of course you're not going to get the whole picture. Pearl Harbour would have been the same way except that it occurred outdoors.
Why would you point your surveillance cameras at your building? I'd imagine any camera has a specific target and purpose - monitor a hallway, show a view of people arriving at an entrance (like this one), etc. There are tens of cameras outside the Pentagon - there are only a few actually pointed at it. That's because, except for this particular day and the follow-on construction, the building doesn't do much to warrant monitoring.
I'm not sure I have a solid answer for that, other than the administration's conscientiousness of media and propaganda. They probably didn't want the images used to recruit additional attackers. Besides, it's a pretty healthy bloody nose for the US government - squelching it and any outcropping issues is natural for an institution so bent on saving face.
I'm ready for a technology downgrade.
Here you go, enjoy!
http://www.asciimation.co.nz/
http://www.justbewise.net/matrix.html
http://www.romanm.ch//seiten_layout/portfolio_ascii.php
They did release it immediately. The Moussaoui trial just ended. It's common that the government and companies do not discuss details relating to a trial while it's in progress.
The fact is, the integrity of the tape will be questioned more because of what it is and who it's from than how long it took to release it. There would still be skeptics if it was released immediately.
The idea isn't well grounded, that's for sure.